OM-1 OM-1 International Guidance and Best Practice
OM-1.1 OM-1.1 Guidance Provided by International Bodies
Guidance Provided by other International Bodies
OM-1.1.1
The papers below provide guidance which promotes best practice and can be generally applied by all licensees to their activities.
October 07Basel Committee: Framework for Internal Controls Systems in Banking Organisations
OM-1.1.2
The paper (see www.bis.org/publ/bcbs40.pdf) issued in September 1998 presents the first internationally accepted framework for supervisors to use in evaluating the effectiveness of the internal controls over all on- and off-balance-sheet activities of banking organisations.
October 07OM-1.1.3
The paper describes elements that are essential to a sound internal control system, recommends principles that supervisors can apply in evaluating such systems, and discusses the role of bank supervisors and external auditors in this assessment process.
October 07Basel Committee: Principles for the Sound Management of Operational Risk
OM-1.1.4
The paper (see www.bis.org/publ/bcbs195.pdf) issued in June 2011 by the
Basel Committee on Banking Supervision, outlines a set of principles that provide a framework for the effective management and supervision of operational risk, for use by banks and supervisory authorities when evaluating operational risk management policies and practices.Amended: October 2012
October 07OM-1.1.5
The paper also recognises that clear strategies and oversight by the Board of Directors and senior management, a strong operational risk culture and internal control culture (including, among other things, clear lines of responsibility and segregation of duties), effective internal reporting, and contingency planning are all crucial elements of an effective operational risk management framework for banks of any size and scope.
October 07Basel Committee: Risk Management for Electronic Banking and Electronic Money Activities
OM-1.1.6
The paper (see www.bis.org/publ) issued in March 1998 provides guidelines for supervisory authorities and banking organisations as they develop methods for identifying, assessing, managing and controlling the risks associated with
electronic banking andelectronic money .October 07OM-1.1.7
The paper indicates that, while providing new opportunities for banks,
electronic banking andelectronic money activities carry risks as well as benefits and it is important that these risks are recognised and managed in a prudent manner.October 07Basel Committee: Risk Management Principles for Electronic Banking
OM-1.1.8
The paper (see www.bis.org/publ) issued in July 2003 recognizes new risks associated with the increase in distribution of financial services through electronic channels, or e-banking. To emphasize the importance of these risks, the Committee has placed responsibility on the shoulders of the Board and senior management to ensure their institutions have analysed, identified and modified operations to mitigate these risks.
October 07OM-1.1.9
To facilitate these developments, the Committee has identified fourteen Risk Management Principles for
Electronic Banking to help banking institutions expand their existing risk oversight policies and processes to cover their e-banking activities.October 07OM-1.1.10
The Risk Management Principles fall into three broad, and often overlapping, categories of issues that are grouped to provide clarity: Board and Management Oversight; Security Controls; and Legal and
Reputational Risk Management.October 07Joint Forum: High Level Principles for Business Continuity
OM-1.1.11
This paper provides a broad framework for business continuity standards, and contains seven principles for regulators and industry participants to follow. It was published in August 2006 and is available in the "publications" section of the Basel Committee portion of the BIS website (www.bis.org).
October 07
